EZP-28917: As a Developer I want API to manipulate User Tokens (#2270)

* EZP-28917: As a Developer I want API to manipulate User Tokens * EZP-28917: Implemented integration tests for User Token APIs * EZP-28917: Implemented checking for user / password policy It allows Users w/o content / edit policy to update their password BC: If User has content / edit policy, but no user / password policy, updating password works as well
ezecosystem · Mar 12, 2018 · c36d73b · c36d73b
1 parent 18235e6
commit c36d73b
Show file tree

Hide file tree

Showing 3 changed files with 157 additions and 0 deletions.
diff --git a/Repository/Tests/UserServiceTest.php b/Repository/Tests/UserServiceTest.php
@@ -8,11 +8,13 @@
  */
 namespace eZ\Publish\API\Repository\Tests;
 
+use DateTime;
 use eZ\Publish\API\Repository\Exceptions\InvalidArgumentException;
 use eZ\Publish\API\Repository\Exceptions\NotFoundException;
 use eZ\Publish\API\Repository\Values\Content\ContentInfo;
 use eZ\Publish\API\Repository\Values\Content\VersionInfo as APIVersionInfo;
 use eZ\Publish\API\Repository\Values\User\UserGroupUpdateStruct;
+use eZ\Publish\API\Repository\Values\User\UserTokenUpdateStruct;
 use eZ\Publish\API\Repository\Values\User\UserUpdateStruct;
 use eZ\Publish\API\Repository\Values\User\User;
 use eZ\Publish\Core\Repository\Values\Content\Content;
@@ -2531,4 +2533,102 @@ public function testCreateUserInvalidPasswordHashTypeThrowsException()
         // Reset to default settings, so we don't break other tests
         $settingsProperty->setValue($userService, $defaultUserServiceSettings);
     }
+
+    /**
+     * Test loading User by Token.
+     *
+     * @covers \eZ\Publish\API\Repository\UserService::loadUserByToken
+     */
+    public function testLoadUserByToken()
+    {
+        $repository = $this->getRepository();
+        $userService = $repository->getUserService();
+
+        $user = $this->createUserVersion1();
+
+        $userTokenUpdateStruct = new UserTokenUpdateStruct();
+        $userTokenUpdateStruct->hashKey = md5('hash');
+        $userTokenUpdateStruct->time = new DateTime();
+
+        $userService->updateUserToken($user, $userTokenUpdateStruct);
+
+        $loadedUser = $userService->loadUserByToken($userTokenUpdateStruct->hashKey);
+        self::assertEquals($user, $loadedUser);
+
+        return $userTokenUpdateStruct->hashKey;
+    }
+
+    /**
+     * Test trying to load User by invalid Token.
+     *
+     * @covers \eZ\Publish\API\Repository\UserService::loadUserByToken
+     */
+    public function testLoadUserByTokenThrowsNotFoundException()
+    {
+        $this->expectException(NotFoundException::class);
+
+        $repository = $this->getRepository();
+        $userService = $repository->getUserService();
+
+        $user = $this->createUserVersion1();
+
+        $userTokenUpdateStruct = new UserTokenUpdateStruct();
+        $userTokenUpdateStruct->hashKey = md5('hash');
+        $userTokenUpdateStruct->time = new DateTime();
+
+        $userService->updateUserToken($user, $userTokenUpdateStruct);
+
+        $userService->loadUserByToken('not_existing_token');
+    }
+
+    /**
+     * Test updating User Token.
+     *
+     * @covers  \eZ\Publish\API\Repository\UserService::updateUserToken()
+     *
+     * @depends testLoadUserByToken
+     *
+     * @param string $originalUserToken
+     */
+    public function testUpdateUserToken($originalUserToken)
+    {
+        $repository = $this->getRepository(false);
+        $userService = $repository->getUserService();
+
+        $user = $userService->loadUserByToken($originalUserToken);
+
+        $userTokenUpdateStruct = new UserTokenUpdateStruct();
+        $userTokenUpdateStruct->hashKey = md5('my_updated_hash');
+        $userTokenUpdateStruct->time = new DateTime();
+
+        $userService->updateUserToken($user, $userTokenUpdateStruct);
+
+        $loadedUser = $userService->loadUserByToken($userTokenUpdateStruct->hashKey);
+        self::assertEquals($user, $loadedUser);
+    }
+
+    /**
+     * Test invalidating (expiring) User Token.
+     *
+     * @covers \eZ\Publish\API\Repository\UserService::expireUserToken()
+     *
+     * @depends testLoadUserByToken
+     *
+     * @param string $userToken
+     */
+    public function testExpireUserToken($userToken)
+    {
+        $this->expectException(NotFoundException::class);
+
+        $repository = $this->getRepository(false);
+        $userService = $repository->getUserService();
+
+        // sanity check
+        $userService->loadUserByToken($userToken);
+
+        $userService->expireUserToken($userToken);
+
+        // should throw NotFoundException now
+        $userService->loadUserByToken($userToken);
+    }
 }
diff --git a/Repository/UserService.php b/Repository/UserService.php
@@ -8,6 +8,7 @@
  */
 namespace eZ\Publish\API\Repository;
 
+use eZ\Publish\API\Repository\Values\User\UserTokenUpdateStruct;
 use eZ\Publish\API\Repository\Values\User\UserCreateStruct;
 use eZ\Publish\API\Repository\Values\User\UserUpdateStruct;
 use eZ\Publish\API\Repository\Values\User\User;
@@ -195,6 +196,16 @@ public function loadUserByLogin($login, array $prioritizedLanguages = []);
      */
     public function loadUsersByEmail($email, array $prioritizedLanguages = []);
 
+    /**
+     * Loads a user with user hash key.
+     *
+     * @param string $hash
+     * @param array $prioritizedLanguages
+     *
+     * @return \eZ\Publish\API\Repository\Values\User\User
+     */
+    public function loadUserByToken($hash, array $prioritizedLanguages = []);
+
     /**
      * This method deletes a user.
      *
@@ -224,6 +235,23 @@ public function deleteUser(User $user);
      */
     public function updateUser(User $user, UserUpdateStruct $userUpdateStruct);
 
+    /**
+     * Update the user token information specified by the user token struct.
+     *
+     * @param \eZ\Publish\API\Repository\Values\User\User $user
+     * @param \eZ\Publish\API\Repository\Values\User\UserTokenUpdateStruct $userTokenUpdateStruct
+     *
+     * @return \eZ\Publish\API\Repository\Values\User\User
+     */
+    public function updateUserToken(User $user, UserTokenUpdateStruct $userTokenUpdateStruct);
+
+    /**
+     * Expires user token with user hash.
+     *
+     * @param string $hash
+     */
+    public function expireUserToken($hash);
+
     /**
      * Assigns a new user group to the user.
      *

diff --git a/Repository/Values/User/UserTokenUpdateStruct.php b/Repository/Values/User/UserTokenUpdateStruct.php
@@ -0,0 +1,29 @@
+<?php
+
+/**
+ * @copyright Copyright (C) eZ Systems AS. All rights reserved.
+ * @license For full copyright and license information view LICENSE file distributed with this source code.
+ */
+namespace eZ\Publish\API\Repository\Values\User;
+
+use eZ\Publish\API\Repository\Values\ValueObject;
+
+/**
+ * This class is used to update a user token in the repository.
+ */
+class UserTokenUpdateStruct extends ValueObject
+{
+    /**
+     * Hash key date for user account.
+     *
+     * @var string
+     */
+    public $hashKey;
+
+    /**
+     * Time to which the token is valid.
+     *
+     * @var \DateTime|null
+     */
+    public $time;
+}